CVE-2022-20630

CVE Database · CVE-2022-20630

CVE-2022-20630

· MEDIUMModified

CVSS v3.1

4.4

EPSS

0.22%

Published

Feb 10, 2022

Modified

Jul 23, 2025

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A vulnerability in the audit log of Cisco DNA Center could allow an authenticated, local attacker to view sensitive information in clear text. This vulnerability is due to the unsecured logging of sensitive information on an affected system. An attacker with administrative privileges could exploit this vulnerability by accessing the audit logs through the CLI. A successful exploit could allow the attacker to retrieve sensitive information that includes user credentials.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Weaknesses (CWE)

CWE-200CWE-532

Affected Products (2)

cisco · catalyst_center (up to 2.2.2.8)vulnerable

cisco · catalyst_center (up to 2.2.3.4)vulnerable

References (2)

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-info-disc-8QEynKEj

Vendor Advisory

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-info-disc-8QEynKEj

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs